Friday, April 27, 2012

ClusterFuzz:

Clusterfuzz is a fuzzing infrastructure which does Fuzz testing for Chrome. It is built on the top of a cluster of several hundred virtual machines running approximately six-thousand simultaneous Chrome instances. Google automates the entire fuzz testing cycle. Fuzz testing is a type of software testing which are mostly automated or sometimes semi automated, that involves providing random unexpected values as input to the software. This is very useful in detecting the security holes in the browser.

Clusterfuzz automatically takes the latest best version(LKGR - Last Known Good Revision) and does testing automatically. Clusterfuzz has detected 95 vulnerabilities till date out of which 44 has been detected before the version gone stable, claims Google.

Google also plans to help webkit and FFmpeg team by submitting the ClusterFuzz reports to them. Share your opinion through comments.